jfruh writes: "HTTPS has long been a part of good Web security strategy, but apparently Apple didn't get the memo. The company's wildly successful app store for iOS didn't encrypt traffic via HTTPS by default until January 23 of this year. The researcher who discovered ways to exploit this vulnerability says he alerted Apple back in July of 2012."Link to Original Source